-- The MAILING DATE of this communication appears on the cover sheet with the correspondence address --
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1) ☒ Responsive to communication(s) filed on 25 October 2001. 
2a) □ This action is FINAL. 2b) ☒ This action is non-final. 

3) □ Since this application is in condition for allowance except for formal matters, prosecution as to the merits is closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213. 

Disposition of Claims 

4) ☒ Claim(s) 1-26 is/are pending in the application. 

4a) Of the above claim(s) ____ is/are withdrawn from consideration. 

5) □ Claim(s) ____ is/are allowed. 

6) ☒ Claim(s) 1-26 is/are rejected. 

7) □ Claim(s) ____ is/are objected to. 

8) □ Claim(s) ____ are subject to restriction and/or election requirement. 

Application Papers 

9) □ The specification is objected to by the Examiner. 

10) ☒ The drawing(s) filed on 25 October 2001 is/are: a) □ accepted or b) □ objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

11) □ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f). 
a) □ All b) □ Some * c) □ None of: 

1. □ Certified copies of the priority documents have been received. 

2. □ Certified copies of the priority documents have been received in Application No. ____. 

3. □ Copies of the certified copies of the priority documents have been received in this National Stage application from the International Bureau (PCT Rule 17.2(a)). 

* See the attached detailed Office action for a list of the certified copies not received. 

DETAILED ACTION 

1. Claims 1-26 are pending in this application. 

Information Disclosure Statement 

2. The information disclosure statement filed October 25, 2001 has not been fully 
considered. The US Patent documents have been considered, but the non-patent literature has 
not. The accompanying CD-ROM that included the relevant documents is unavailable. The 
contents have not been scanned and Examiner is unable to locate the CD-ROM to view the 
references. It is hereby requested that Applicant include copies of the non-patent literature in the 
response to this Office action, such that the references may be considered. 

Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 21(2) of such treaty in the English language. 

4. Claims 1-2, 11, and 26 are rejected under 35 U.S.C. 102(e) as being anticipated by 
McNabb et al. (USPN 6,289,462) (hereinafter McNabb). 

5. As per claim 1, McNabb teaches the invention as claimed, including a computer system 
comprising: 

at least one processor (col. 6 lines 28-29); 
a memory (col. 1 lines 11-18; Fig. 1); 

a secure platform stored in the memory for controlling the processor and the memory 
(col. 7 lines 11-20); 

an operating system image stored in the memory for controlling the processor and the 
memory and operating on top of the secure platform (col. 8 line 54 - col. 9 line 10); 

an end user application stored in the memory for controlling the processor and the 
memory and operating on top of the operating system image (col. 9 lines 34-36); and 

wherein the secure platform is configured to provide a secure partition within the 
memory for storing secret data associated with and accessible by the end user application (col. 4 
lines 20-24), the secure partition being inaccessible to the operating system and other tasks 
operating on top of the secure platform (col. 17 lines 7-17, 52-61). 

6. As per claim 2, McNabb teaches the invention as claimed, including the computer system 
of claim 1, wherein the at least one processor has at least three execution privilege levels 
including a first privilege level, a second privilege level that is less privileged than the first 
privilege level, and a third privilege level that is less privileged than the second privilege level 
(col. 12 lines 50-65). 

7. As per claim 11, McNabb teaches the invention as claimed, including the computer 
system of claim 1, wherein the end user application includes a secure process indicator for 
indicating that the end user application is to be treated as a secure process (col. 10 lines 10-25). 

8. As per claim 26, McNabb teaches the invention as claimed, including a computer 
readable medium containing the components of the computer system of claim 1 (Fig. 1). 

Claim Rejections - 35 USC § 103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

10. Claims 3-6 and 18-21 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over McNabb. 

11. As per claim 3, McNabb teaches the invention as claimed, including the computer system 
of claim 2, wherein the end user application is configured to operate at the third privilege level as 
an unprivileged task (col. 9 lines 57-67), the operating system image is configured to operate at 
the second privilege level as an unprivileged task (col. 12 line 61 - col. 13 line 6), and at least a 
first portion of the secure platform is configured to operate at the first privilege level as a 
privileged task (col. 10 lines 60-65; col. 11 lines 3-9). 

12. It is noted that McNabb does not necessarily limit the privilege levels of the end user 
application, as certain applications may be granted superuser status. However, the default level 
for the end user application is the "least" privilege level, such that it is ensured that it is properly 
authenticated before giving it access to the relevant partition. The secure platform operates at a 
highest privilege level, as it is the module that implements security and controls access to the 
processor and memory. Secondly, the operating system operates at a level between the secure 
platform and the end user application, and inherently has a privilege level that is less than the 
secure platform, but greater than the end user application. The operating system resides on top 
of the secure platform and acts as a negotiator to allow the end user application access to secret 
data. Finally, the end user application has a level of privileges assigned to it, depending on the 
partitions that it needs to access. These privileges may be increased or decreased depending on 
the sections of memory that it must access. 

13. As per claim 4, McNabb teaches the invention as claimed, including the computer system 
of claim 3, wherein the first portion of the secure platform is a secure platform kernel (SPK) (col. 
10 lines 60-65; col. 11 lines 3-9). 

14. As per claim 5, McNabb teaches the invention as claimed, including the computer system 
of claim 4, wherein the SPK performs security critical services including memory services (col. 7 
lines 11-20). 

15. As per claim 6, McNabb teaches the invention as claimed, including the computer system 
of claim 5, wherein the security critical services performed by the SPK further include process 
services, cryptographic services, and exception handling (col. 7 lines 11-20). 

16. As per claims 18-21, McNabb teaches the invention as claimed, including a computer 
system according to claims 1-6 (Fig. 1). 

17. Claims 7-10, 12-17, and 22-25 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over McNabb in view of Quach et al. (USPN 6,654,909) (hereinafter Quach). 

18. As per claim 7, Quach teaches the invention as claimed, including the computer system 
of claim 1, wherein the at least one processor includes: 

protection key registers configured to hold protection keys (col. 2 lines 65-67), which the 
secure platform employs to control access to security critical structures (col. 2 lines 38-39). 

19. It would have been obvious to one of ordinary skill in the art to combine McNabb and 
Quach since the use of protection keys allows data associated with critical resources to be 
consumed without being taken out of memory. Thus, resources that are used more than once do 
not have to be re-authenticated each time that an application accesses the resource. This is much 
more efficient than performing a potentially computationally intensive authentication procedure 
each time that an application accesses a resource. 

20. As per claim 8, Quach teaches the invention as claimed, including the computer system 
of claim 7, wherein the security critical structures include the secure partition (col. 1 lines 35- 
43). 

21. As per claim 9, McNabb teaches the invention as claimed, including the computer system 
of claim 8, wherein the secure partition includes at least one memory page (col. 7 lines 44-47). 

22. As per claim 10, McNabb teaches the invention as claimed, including the computer 
system of claim 7, wherein the security critical structures include the end user application (col. 
17 lines 52-61). 

23. As per claim 12, McNabb teaches the invention as claimed, including a method of 
controlling the computer system of claims 1-4 and 7 (col. 1 lines 11-18; Fig. 1). 

24. As per claim 13, Quach teaches the invention as claimed, including the method of claim 
12, and further comprising: 

monitoring execution of instructions of the end user application (col. 2 line 52 - col. 3 
line 27); and 

flushing the first protection key value from the protection key registers when execution of 
the end user application instructions stops (col. 1 lines 37-43). 

25. As per claim 14, Quach teaches the invention as claimed, including the method of claim 
13, and further comprising: 

reinserting the first protection key value in one of the protection key registers when 
execution of the end user application instructions resumes (col. 1 lines 45-46). 

26. As per claim 15, McNabb teaches the invention as claimed, including the method of 
claim 12, wherein the allocating a portion of the memory is performed by the SPK (col. 10 lines 
60-65; col. 11 lines 3-9). 

27. As per claim 16, Quach teaches the invention as claimed, including the method of claim 
12, wherein the first protection key value is inserted in one of the protection key registers by the 
SPK (col. 2 line 52 - col. 3 line 27). 

28. As per claim 17, Quach teaches the invention as claimed, including the method of claim 
12, and further comprising: 

associating a second protection key with the end user application to prevent unauthorized 
modifications (col. 2 line 52 - col. 3 line 27). 

29. As per claims 22-25, McNabb teaches the invention as claimed, including a computer 
system according to claims 7-10 (col. 1 lines 11-18; Fig. 1). 

Conclusion 



30. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Syed J. Ali whose telephone number is (571) 272-3769. The 
examiner can normally be reached on Mon-Fri 8-5:30, 2nd Friday off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Meng-Ai T. An can be reached on (571) 272-3756. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



Syed Ali 
May 24, 2005 